Fiddler to my sharepoint site displays this: The server (0d255cb7441615dbb825de4d81cddac7.nrb.footprintdns.com) presented a certificate that did not validate, because it was issued to a different host.

I want to report that I have seen this as well. I have multiple kiosk computers with traffic going to these *.nrb.footprintdns.com sites. All we are doing is logging into Office 365 and using Outlook Online and Online Office Apps on these kiosks. I have them locked down from browsing any websites except approved. Can someone please find out why Microsoft is directing traffic to these sites? They are not listed in the official Office365 URL list.

Still no response from MS ? Till today it was silent, but now, all the computers are getting this message, and the firewall installed is blocking it (the security certificate is not from a known or approved agency) Anyway, it isn't affecting the operation, so I think it is immaterial, except the nuisance value. But which group of microsoft is tryying to fish here ? The Office 365 group or the windows ?

Not sure if this is the place to post, but as others have identified Microsoft Office and Outlook as involved, I'll make my contribution.

My Kaspersky Total Security application is identifying an invalid certificate. The source program is listed as Microsoft Office in the popup. The certificate in question lists the related certificate site as outlook.live.com, and the detailed report lists the involved program as Microsoft Word! I have attached the pertinent screenshots. As you can see, the issue is very repetitive, with a different prefix for the url each time. Comment would be appreciated.

I just checked up the log of KAV, and it seems quite interesting. It has blocked the footprint not only for outlook but for others too , like ms-excel. Probably if I open up other ms-office files it would do it the same for others.

The domain name "Foot-print" does not seem to be too innocuous.

In addition there is something else too.... probably you people could check up - KAV has blocked several other programs (all windows) - from data mining from other files !

Apparently this domain is exclusively being used bij Microsoft to track your activity. That also explains why applications like Outlook and Excel both use it, but also website like Office365 and SharePoint. It looks like only authenticated users are being tracked, but I'm not totally sure.

The reason why Kasperspy comes up with an issue about the authenticity of the domain is rather simple: some application is trying to access a domain (*.nrb.footprintdns.com) while the channel (outlook.office.com or live.com depending from the application you use) uses a certificate that does not match the url.

So why is Microsoft doing this? Well, that's (sort of) easy. Tracking your users' activity helps improving the product. Okay, that's the political/marketing way of saying it of course. But for business reasons Microsoft is also collecting data from their users, for all kinds of reasons. I would never expect a company like Microsoft to sell data like this (for it would mean their destruction). But using it for ads, improving their products, statistical data for having the best availability will be among the reasons.

Also technically it's a good practise to use a separate service for this kind of activity. Being such a large company it's no surprise MSFT connected it to a different domain. Although it surprises me that they didn't use a microsoft.com domain.

I do know that they try to track, but naturally I won't like to be tracked, even when I am not doing anything that "deserve" to be tracked :-)

And doing it for the authentic (i.e. licenced) users, is something I won't even appreciate.

User Experience improvement ? I am old-timer, and I won't agree to, at the cost of invasion of privacy. Whether my data is being sold or not is immaterial. The raw data is collected, and I am sure is stored. The statistical report is next stage, and no one destroys raw data, even after the concise report is generated (at least as ex-student of Statistics, I won't, since these could be used for some further study, on some other aspect).

By the way, the Kasp had, when I checked, blocked Chrome browser too. That was done without notifying me. I am thankful to Kasp, except that they shouldn't bother me by notifying, let them just block these. May be I would have to tell Kasp, that after a few "Disallow" s, they could as well black-list these domains, for my subscription at least.

Simple- Kasp says that the domain safety certificate is issued by some one, on whom either Kasp has no confidence on, or doesn't even know about it. In that case, the domain could be safe, could be unsafe (hackable), or could be even malicious by itself.

If I have Kasp on, I will go by its advice. Even if it is against MS' own domain (which it isn't, but is a sub-let domain). Let MS do its security analysis and ensure that the firewalls don't flag it down.

Over here the same with Outlook now. I did add *.*.footprintdns.com to KAV which did not stop the Certificate pop-up warning ... but in the block logs of Parental Control this shows up numerous times:https://*.nrb.footprintdns.com/apc/trans.gif (the * is a random batch of numbers and letters).

I presume this is a tracking pixel of some kind? And presume it is embedded in the GUI of Outlook?Anyway, it all is very strange to say the least ....

Well, for me Kasp takes care, by keeping that fellow incommunicado. But probably that may be a doubtful information, since these are the Microsoft servers domains, unless Microsoft itself is compromised or are deliberately compromising their official, licenced users.

I cannot comment on Sharepoint, Word, Excel etc etc etc but I did notice it when using Outlook 365. Noticing this certificate issue for myself on my computer, I did some research and discovered that if you turn off the "Coming Soon" button in the top right corner of Outlook, the "Invalid Certificate" issue went away.

It seems to me that by activating this part of office, it is allowing Microsoft to send adverts about their products. I am lucky that I am using Windows 7 where that OS was never designed to be one large advertising platform where Windows 10 is.

I haven't investigated too deeply but after seeing this thread, I though I would give my 2 cents worth. I hope it helps some people out.

The domain nrb.footprintdns.com is owned by Microsoft and represents servers in Microsoft datacenters. It is used for telemetry purposes that comply with Microsoft privacy commitments that you can read about at: https://products.office.com/en-us/business/office-365-trust-center-privacy. Data sent to this domain is used to identify network connectivity and performance issues and to support improvements to the service. We have plans to rename it to be more descriptive, and to publish it at the Office 365 IP Address and URL publishing site at http://aka.ms/o365ip. If you have any problems using Office 365 related to this, please raise a support incident so that we can assist at https://support.office.com/

Our SharePoint implementation is extremely slow. Hundreds of files are downloaded on every request, many of them unnecessary, and this represents a large portion of them. I'm trying to speed up the user experience. Please do not respond by saying it is a necessary feature, or that it doesn't affect our site, because both of those responses would be wrong and unhelpful.

Regarding caching, everything seems to be cached except for client-side web part queries (as expected), footprint activity (calls from fp.js), and a vast array of owa/o365 calls. It's the latter two that I'm trying to eliminate from my site. I don't need alerts from O365, and I don't want to participate in "customer improvement" programs.

The domain nrb.footprintdns.com is owned by Microsoft and represents servers in Microsoft datacenters. It is used for telemetry purposes that comply with Microsoft privacy commitments that you can read about at: https://products.office.com/en-us/business/office-365-trust-center-privacy. Data sent to this domain is used to identify network connectivity and performance issues and to support improvements to the service. We have plans to rename it to be more descriptive, and to publish it at the Office 365 IP Address and URL publishing site at http://aka.ms/o365ip. If you have any problems using Office 365 related to this, please raise a support incident so that we can assist at https://support.office.com/

Therein lies the irony - to identify performance issues - when I am getting a timeout from said server / cert! And eventually blank screen (Chrome) Browser crash (IE 11), I don't even want to try in Edge!

Replicate on SharePoint online by switching a fairly substantial list between Modern and Classic view.

If it is performance this is trying to fix - then I recommend someone in MS switch it off first!